Challenge, Easy,  on  Security
ProblemSolutionDiscussion

In this challenge, you'll practice creating and using fine-grained access tokens on GitHub.

Fine-grained access tokens offer more granular control over permissions compared to traditional personal access tokens. They allow you to specify exactly what actions a token can perform and on which resources.

Go to the Fine-grained access tokens page and create a new token:

  • Limit the token's scope to a private repository (create a new one if necessary)
  • Set the Contents permission to Read-only

Clone the repository (using its HTTPS URL).

Hint 1 💡

You can use the GitHub CLI (gh) to clone the repository into a directory named repo:

gh repo clone <repository> repo

or

git clone https://github.com/<username>/<repository>.git repo
Discussion:  Discord
Categories: Security
Tags:  #github

Level up your Server Side game — Join 10,000 engineers who receive insightful learning materials straight to their inbox

How to Author Challenges on iximiuz Labs

Instead of providing a subpar online editing experience, iximiuz Labs offers a helper CLI tool called labctl, allowing you to use your favorite text editor (or a full-featured IDE) to write content from the comfort of your local machine.

Install labctl CLI

curl -sf https://labs.iximiuz.com/cli/install.sh | sh

This will download and install the latest version of the labctl CLI. You only need to do this once per workstation.

Authorize labctl

labctl auth login

This will open a browser window asking you to authorize labctl to access your account. You need to do it after a fresh install of labctl and repeat it whenever the auth session expires.

Pull challenge content

labctl content pull challenge github-fine-grained-access-tokens-43c9a20d

This will create a local copy of the challenge content in a directory named github-fine-grained-access-tokens-43c9a20d. You only need to do this once per challenge.

Stream your changes

labctl content push -fw challenge github-fine-grained-access-tokens-43c9a20d

Run this command in a separate terminal to continuously upload your changes to the server while editing the challenge in your favorite text editor or IDE.

You can also use labctl to create, list, and delete your content. Learn more about the available commands: labctl content --help